Marti,
I've got your e-mail, thanks. I've CC'ed you on all 4 lcms bugs and they
should now be visible to you:
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=142
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=157
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=166
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=192
Can you check? The view should work as well:
https://bugs.chromium.org/p/oss-fuzz/issues/list?q=Proj%3Alcms&saved=4&sort=-id&ts=1480876967
Here's our reproducing guide:
https://github.com/google/oss-fuzz/blob/master/docs/reproducing.md
We used address sanitizer.
The code for our fuzzers:
https://github.com/google/oss-fuzz/blob/master/projects/lcms/cmsIT8_load_fuzzer.c
https://github.com/google/oss-fuzz/blob/master/projects/lcms/cms_transform_fuzzer.c
We would really love to see them moved to your repository and integrated
with your build system.
Just feed input bytes to these functions or you can use a standalone driver
like this:
https://reviews.llvm.org/diffusion/L/browse/llvm/trunk/lib/Fuzzer/standalone/StandaloneFuzzTargetMain.c
Let me know if you have any questions or problems reproducing.
On Sat, Dec 3, 2016 at 1:06 AM Marti <marti.ma...@littlecms.com> wrote:
> Hello Mike,
>
> At first, I would thank you very much for all the effort you have put in
> making lcms more secure. I appreciate it.
>
> I will contact you by a separate email from my google account.
>
> If anybody else in the list is interested in this stuff, please let me
> know. Please note this is related to security and therefore I will not
> publicly list the vulnerabilities found. Depending on the severity, I
> can do a maintenance release to deal with that.
>
> Best regards
>
> Marti Maria
>
> The LittleCMS project
>
> http://www.littlecms.com
>
> *From:* Mike Aizatsky [mailto:aizat...@google.com]
> *Sent:* Friday, December 2, 2016 7:58 PM
> *To:* lcms-user@lists.sourceforge.net
> *Subject:* [Lcms-user] Reporting potential security vulnerabilities in
> lcms
>
> Hi!
>
> Our OSS-Fuzz fuzzing effort (
> https://testing.googleblog.com/2016/12/announcing-oss-fuzz-continuous-fuzzing.html)
> has located several potential issues in the lcms library (crash, heap use after
> free, heap buffer overflow) using the fuzz targets we developed (
> https://github.com/google/oss-fuzz/tree/master/projects/lcms).
>
> These crashes are now filed in a security-protected monorail tracker (
> https://bugs.chromium.org/p/oss-fuzz/issues/list) and we'd like to find
> lcms developers to take a look at them.
>
> We will CC developers on these issues to give them access to stack traces
> and reproducer data. For that we'd need an e-mail with an associated gmail
> account.
>
> We will also set up the process to auto-CC these e-mails when we find more
> issues.
>
> --
>
> Mike
> Sent from phone
>
--
Mike
Sent from phone
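As an added example (not code from this thread, from OSS-Fuzz or from lcms), here is a minimal standalone driver in the spirit of the StandaloneFuzzTargetMain.c linked above: it reads each reproducer file given on the command line into a heap buffer and hands it to `LLVMFuzzerTestOneInput`, the entry point both lcms fuzz targets export. Since the real targets need lcms linked in, the target below is a constructed stand-in that parses a toy length-prefixed record format with bounds checks, so the file compiles and runs offline; to reproduce an actual report you would instead compile `cmsIT8_load_fuzzer.c` or `cms_transform_fuzzer.c` together with this driver and lcms, with AddressSanitizer enabled as the reproducing guide describes.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

/* Constructed toy format, used only so this file runs offline (it is not
 * lcms's IT8 or ICC format): <len:1 byte><payload:len bytes><xor:1 byte>,
 * where xor is the XOR of all payload bytes. Returns 1 and sets *consumed
 * when a complete, well-formed record starts at data[0], else 0. Every
 * read is checked against size; a missing check here is exactly the kind
 * of defect ASan reports as a heap-buffer-overflow in a real target. */
static int parse_record(const uint8_t *data, size_t size, size_t *consumed)
{
    if (size < 2)                 /* need at least len + checksum */
        return 0;
    size_t len = data[0];
    if (size < 2 + len)           /* truncated payload or checksum */
        return 0;
    uint8_t x = 0;
    for (size_t i = 0; i < len; i++)
        x ^= data[1 + i];
    if (x != data[1 + len])
        return 0;
    *consumed = 2 + len;
    return 1;
}

/* Count well-formed records; stops at the first malformed one. */
int count_valid_records(const uint8_t *data, size_t size)
{
    int count = 0;
    size_t pos = 0, used = 0;
    while (pos < size && parse_record(data + pos, size - pos, &used)) {
        count++;
        pos += used;
    }
    return count;
}

/* Fuzz target entry point with the signature libFuzzer and OSS-Fuzz call
 * (stand-in for cmsIT8_load_fuzzer / cms_transform_fuzzer). It must return
 * 0 and must not retain or leak the input buffer. */
int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size)
{
    (void)count_valid_records(data, size);
    return 0;
}

/* Read a whole file into a heap buffer; returns NULL on any error. */
static uint8_t *read_file(const char *path, size_t *out_size)
{
    FILE *f = fopen(path, "rb");
    if (!f)
        return NULL;
    if (fseek(f, 0, SEEK_END) != 0) { fclose(f); return NULL; }
    long n = ftell(f);
    if (n < 0) { fclose(f); return NULL; }
    rewind(f);
    uint8_t *buf = malloc(n > 0 ? (size_t)n : 1);
    if (!buf) { fclose(f); return NULL; }
    if (fread(buf, 1, (size_t)n, f) != (size_t)n) { free(buf); fclose(f); return NULL; }
    fclose(f);
    *out_size = (size_t)n;
    return buf;
}

/* Feed one reproducer file to the target exactly as the fuzzer would.
 * Returns 0 when the file was read and processed, -1 on a read error. */
int run_file(const char *path)
{
    size_t size = 0;
    uint8_t *data = read_file(path, &size);
    if (!data) {
        fprintf(stderr, "cannot read %s\n", path);
        return -1;
    }
    LLVMFuzzerTestOneInput(data, size);
    free(data);
    return 0;
}

/* Constructed sample input: one valid record ("ab" with checksum 'a'^'b')
 * followed by a truncated one (declares 5 payload bytes, carries 1).
 * Returns the number of records the stand-in target accepts: 1. */
int demo(void)
{
    const uint8_t sample[] = { 2, 'a', 'b', 'a' ^ 'b', 5, 'x' };
    return count_valid_records(sample, sizeof sample);
}

/* Build with the sanitizer the reports were found under, then pass each
 * reproducer file:  clang -g -O1 -fsanitize=address driver.c -o driver  */
int main(int argc, char **argv)
{
    int rc = 0;
    for (int i = 1; i < argc; i++)
        if (run_file(argv[i]) != 0)
            rc = 1;
    return rc;
}
```

Because the driver is a plain program, a crash shows up as an ordinary ASan report with a symbolized stack trace, which is what makes the testcase attached to each tracker issue reproducible outside the fuzzing engine and convenient to re-run after a fix.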
_______________________________________________
Lcms-user mailing list
Lcms-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/lcms-user